一、建立一個 OSS 賬戶
OSS 賬戶的密碼要求比較嚴格,建議記錄備註好;且 OSS 賬戶的使用者名稱以及密碼在後續需要配置到 Maven 的 setting.xml 檔案中。
二、為新專案託管建立 Jira 問題
登入剛剛註冊的 OSS 賬號,點選新建
在建立好一個 Jira Issue 並提交後,等待工作人員稽核通過。如果沒有問題,你提交的 Issue 會更改狀態為 RESOLVED。說明配置成功。
三、安裝並配置 GPG
我們需要安裝 GNU PG ,安裝完畢後,在我們的 Terminal 中輸入命令:
gpg -- version檢視是否安裝成功。
安裝完畢後,生成金鑰對,輸入命令gpg --full-gen-key
gpg --full-gen-keygpg --full-gen-key
gpg (GnuPG) 2.1.15; Copyright (C) 2016 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
gpg: keybox 'C:/Users/Nadeem/AppData/Roaming/gnupg/pubring.kbx' created
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
Your selection? 1
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048)
Requested keysize is 2048 bits
Please specify how long the key should be valid.
0 = key does not expir輸入好使用者名稱,郵箱等資訊之後,會彈出一個輸入框,要求我們輸入 Passphrase:
我們需要記住設定好的 Passphrase,後續在 Maven 的 setting.xml 檔案中需要用到!
設定好加密金鑰後,我們需要將公鑰釋出到 OSSRH 伺服器上,因為你會使用這個公鑰來加密你的 jar 包,當你上傳你的 jar 包到 OSSRH 伺服器時,就會用私鑰來解密。
輸入命令:
gpg --list-key即可檢視我們設定的金鑰
pub rsa2048 2021-06-10 [SC]
EAA2F85838644032D5FC5A3070DB8094C525F6FE
uid [ultimate] jinrunheng (yes) <1175088275@qq.com>
sub rsa2048 2021-06-10 [E]這裡面 EAA2F85838644032D5FC5A3070DB8094C525F6FE 就是公鑰
將公鑰上傳到 pool.sks-keyservers.net
gpg --keyserver hkp://pool.sks-keyservers.net --send-keys EAA2F85838644032D5FC5A3070DB8094C525F6FE 四、配置 Maven 的 setting.xml
配置 oss 倉庫的認證資訊
<servers>
<server>
<id>ossrh</id>
<username>你註冊的 oss 的使用者名稱</username>
<password>你註冊的 oss 的密碼</password>
</server>
<server>
<id>oss</id>
<username>你註冊的 oss 的使用者名稱</username>
<password>你註冊的 oss 的密碼</password>
</server>
</servers>配置 GPG 金鑰方面的關鍵資訊:
<profiles>
<profile>
<id>ossrh</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<properties>
<gpg.executable>gpg</gpg.executable>
<gpg.passphrase>你設定的 Passphrase </gpg.passphrase>
<gpg.executable>/usr/local/bin/gpg</gpg.executable>
<gpg.homedir>/Users/macbook/.gnupg</gpg.homedir>
</properties>
</profile>
</profiles>gpg.executable 的資訊我們可以通過命令:
which gpg來檢視
gpg.homedir 的資訊可以通過命令:
gpg --list-key來檢視,公鑰列表之前,就包含 homedir 的路徑
➜ ~ gpg --list-key
/Users/macbook/.gnupg/pubring.kbx五、配置專案的 pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>io.github.jinrunheng</groupId>
<artifactId>sensitive-words-filter</artifactId>
<version>0.0.1</version>
<name>sensitive-words-filter</name>
<description>This is a Chinese sensitive words filter implemented in Java</description>
<url>https://github.com/jinrunheng/sensitive-words-filter</url>
<properties>
<java.version>1.8</java.version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<maven.compiler.source>${java.version}</maven.compiler.source>
<maven.compiler.target>${java.version}</maven.compiler.target>
</properties>
<dependencies>
<!--commons-lang3-->
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.9</version>
</dependency>
<dependency>
<groupId>org.junit.jupiter</groupId>
<artifactId>junit-jupiter</artifactId>
<version>5.7.2</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.11</version>
</dependency>
</dependencies>
<licenses>
<license>
<name>The Apache Software License, Version 2.0</name>
<url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
<distribution>repo</distribution>
</license>
</licenses>
<developers>
<developer>
<!--輸入在sonatype建立的賬戶和聯絡郵箱 -->
<name>dubyKim</name>
<email>1175088275@qq.com</email>
</developer>
</developers>
<scm>
<connection>scm:git:git@github.com:jinrunheng/sensitive-words-filter.git</connection>
<developerConnection>scm:git:git@github.com:jinrunheng/sensitive-words-filter.git</developerConnection>
<url>git@github.com:jinrunheng/sensitive-words-filter.git</url>
<tag>sensitive-words-filter-0.0.1</tag>
</scm>
<build>
<plugins>
<plugin>
<!--for unit test-->
<artifactId>maven-surefire-plugin</artifactId>
<version>2.22.2</version>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-scm-plugin</artifactId>
<version>1.8.1</version>
</plugin>
<!--原始碼-->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<version>2.1.2</version>
<executions>
<execution>
<id>attach-sources</id>
<phase>verify</phase>
<goals>
<goal>jar-no-fork</goal>
</goals>
</execution>
</executions>
</plugin>
<!--Java doc-->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<version>2.9.1</version>
<configuration>
<source>8</source>
<aggregate>true</aggregate>
<charset>UTF-8</charset>
<encoding>UTF-8</encoding>
<docencoding>UTF-8</docencoding>
<additionalparam>-Xdoclint:none</additionalparam>
</configuration>
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>jar</goal>
</goals>
</execution>
</executions>
</plugin>
<!--部署-->
<plugin>
<artifactId>maven-deploy-plugin</artifactId>
<version>2.8.2</version>
<executions>
<execution>
<id>default-deploy</id>
<phase>deploy</phase>
<goals>
<goal>deploy</goal>
</goals>
</execution>
</executions>
</plugin>
<!--GPG 打包外掛-->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<executions>
<execution>
<phase>verify</phase>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
</plugin>
<!--將元件部署到 OSSRH 並將其釋出到 Central Repository-->
<plugin>
<groupId>org.sonatype.plugins</groupId>
<artifactId>nexus-staging-maven-plugin</artifactId>
<version>1.6.7</version>
<extensions>true</extensions>
<configuration>
<serverId>ossrh</serverId>
<nexusUrl>https://s01.oss.sonatype.org/</nexusUrl>
<autoReleaseAfterClose>true</autoReleaseAfterClose>
</configuration>
</plugin>
</plugins>
</build>
<distributionManagement>
<snapshotRepository>
<id>oss</id>
<url>https://oss.sonatype.org/content/repositories/snapshots/</url>
</snapshotRepository>
<repository>
<id>ossrh</id>
<url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url>
</repository>
</distributionManagement>
</project>pom 的配置要求嚴格,必須包括 name,description,url,licenses,developers,scm 等這些基本資訊,另外需要注意的是 snapshotRepository 與 repository 中的 id 一定要與 setting.xml 中 server 的 id 保持一致!
這裡面需要注意的是很多舊文件中,nexus-staging-maven-plugin 的nexusUrl 配置的地址為 oss.sonatype.org/。
但是2021年2月份,最新發布的官方文件中已經建議我們將地址配置為s01.oss.sonatype.org/
詳情請移步到連結:central.sonatype.org/publish/relea...
六、釋出 jar 包
執行命令
mvn clean deploy如果專案 build success,等待一段時間後,我們就可以在 Nexus 上,找到我們釋出的包了
七、參考連結
文章參考連結:
本作品採用《CC 協議》,轉載必須註明作者和本文連結